000018818 - LDAP objects that cannot be edited using listuclass.xuda

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018818
Applies ToKeon Certificate Authority
Sentry CA 3.5 and later
TechNote 0142
IssueLDAP objects that cannot be edited using listuclass.xuda
When editing some LDAP objects using listuclass.xuda, the following error message will display:
Program Error
ReplaceObjectFromEditForm: parameter type mismatch!
CLASS (xuda_cert_req): Adding field EXTENSIONS failed!
CauseThe problem should arise for any object whose class definition has one or more attributes whose type is anything other than 'IA5' (selecting 'Edit' for an object class in listuclass will show the field types).  By default, there are three such object classes, all of which contain attributes of type 'Octets'.
 1. xuda_cert_req
     - used extensively in the enrollment process
 2. xuda_cert_req_extensions
     - no longer used, but still defined and available for end-user use
 3. v3extension
     - used minimally in support of certificate extensions
     - these objects should almost certainly not be edited by any user -- changes may cause conflicts with compiled code, or with upgrades from   one version to another
Also, any object classes that users define for themselves having one or more attributes whose type is not 'IA5' will also exhibit the problem.
ResolutionDo not edit object classes that have one or more attributes whose type is not "IA5" using listuclass.xuda.
Legacy Article IDa3686

Attachments

    Outcomes